[英]SSO with 2 spring applications in different Tomcats
I have been asked to do an integration of our webapp into a 3rd party webapp 我被要求将我们的网络应用程序集成到第三方网络应用程序中
So if you had both webapps in the same Tomcat instance from what I know you could enable the SSO widget and you'd get SSO across webapps but for a number of reasons we are running the webapps in their own Tomcat servers. 因此,如果根据我所知,两个Web应用程序都在同一个Tomcat实例中,则可以启用SSO小部件,并且可以跨Web应用程序获取SSO,但是由于多种原因,我们在自己的Tomcat服务器中运行Web应用程序。
I've used Jasig CAS before to manage SSO services, but because the main webapp is not designed or maintained by us and there is only one entry point, I'm looking for a less invasive way of managing authentication across the services. 我之前曾使用Jasig CAS来管理SSO服务,但是由于主要的Web应用不是由我们设计或维护的,并且只有一个切入点,因此,我正在寻找一种侵入性较小的方法来管理整个服务的身份验证。
Would a Cookie suffice of should I be looking at something else? Cookie是否足以满足我的需求?
After thinking about it, I can see 3 main possibilities : 考虑一下之后,我可以看到3种主要可能性:
CasAuthenticationProvider
can use the existing AuthenticationUserDetailsService
to load roles, will allow to first authentication on any application based on this cas server (even if not a current requirement) - Cons : maybe a heavy configuration for only 2 applications CasAuthenticationProvider
可以使用现有的AuthenticationUserDetailsService
加载角色,将允许在基于此cas服务器的任何应用程序上进行首次身份验证(即使不是当前要求)-缺点:可能仅用于2个应用程序的配置繁重 I would advice you to consider the 1st or 3rd solution, even if they require slight modification of spring security on a 3rd party application, because the 2nd sounds really a dirty hack 我建议您考虑第一种或第三种解决方案,即使它们需要在第三者应用程序上对Spring安全性进行一些修改,因为第二种听起来确实很脏
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.